datacite/levriero

.github/workflows/deploy.yml

# Deploy pipeline; triggered only by pushes to the master branch.
name: Deploy
on:
  push:
    branches: [master]
jobs:
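  # Runs the RSpec suite and publishes coverage. The build and deploy jobs
  # list this job in `needs`, so a failure here stops the pipeline.
  test:
    runs-on: ubuntu-latest
    # Least privilege: no step here writes to the repository through
    # GITHUB_TOKEN, so the token is limited to reading contents for checkout.
    permissions:
      contents: read
    services:
      memcached:
        # NOTE(review): image is referenced by tag, not digest. Only 11211/udp
        # is published and no host port is fixed, while MEMCACHE_SERVERS points
        # at localhost:11211; confirm the suite actually reaches this service.
        image: memcached:1.4.31
        ports:
          - 11211/udp
    # NOTE(review): job-level env is visible to every step below, including
    # `bundle install` (which can run install-time code from gems) and the
    # third-party coverage action. Move each secret to the step that needs it
    # where possible, as is already done for the AWS keys and staff tokens.
    env:
      MEMCACHE_SERVERS: "localhost:11211"
      SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }}
      SESSION_ENCRYPTED_COOKIE_SALT: ${{ secrets.SESSION_ENCRYPTED_COOKIE_SALT }}
      JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }}
      JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }}
      AWS_REGION: ${{ secrets.AWS_REGION }}
      CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
    steps:
      # NOTE(review): actions are referenced by mutable tags. Pinning each
      # `uses:` to a full commit SHA keeps a retagged release from changing
      # what runs with the secrets above.
      - uses: actions/checkout@v3
      - name: Set up Ruby 3.1.4
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: '3.1.4'
      # Gem cache keyed on the lockfile; the restore key falls back to the most
      # recent cache for this OS when the lockfile changed.
      - uses: actions/cache@v3
        with:
          path: vendor/bundle
          key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
          restore-keys: |
            ${{ runner.os }}-gems-
      - name: Install
        run: |
          cp .env.build .env
          gem install bundler -v 2.5.6
          bundle config path vendor/bundle
          bundle install --jobs 4 --retry 3
      - name: Lint and Test
        # Step-scoped secrets: only this step sees the AWS keys and staff tokens.
        env:
          MEMCACHE_SERVERS: "localhost:11211"
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          STAFF_ADMIN_TOKEN: ${{ secrets.STAFF_ADMIN_TOKEN }}
          STAFF_PROFILES_ADMIN_TOKEN: ${{ secrets.STAFF_PROFILES_ADMIN_TOKEN }}
        run: |
          # Lint is currently disabled; only the specs run.
          # bundle exec rubocop
          bundle exec rspec
          # The default shell exits on the first failing command, so this line
          # is reached only after rspec succeeds.
          echo $?
      - name: Publish code coverage
        uses: paambaati/codeclimate-action@v5.0.0
        # Duplicates the job-level CC_TEST_REPORTER_ID; this step-level entry is
        # the one to keep if the job-level env is trimmed.
        env:
          CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}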

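  # Builds the Docker image from ./Dockerfile and pushes it to Docker Hub and
  # to the GitHub Container Registry once the test job has passed.
  build:
    needs: test
    runs-on: ubuntu-latest
    # Least privilege: GITHUB_TOKEN needs to read the repository for checkout
    # and to write packages for the ghcr.io push, and nothing else.
    permissions:
      contents: read
      packages: write
    steps:
      # checkout and cache are aligned with the v3 releases the test job uses.
      # NOTE(review): every `uses:` in this job is a mutable tag, and the
      # docker/* actions are on old major versions. Pin each to a full commit
      # SHA of a current release, since these steps handle registry credentials.
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      # Layer cache keyed per commit, with a fallback to the latest cache for
      # this OS.
      - name: Cache Docker layers
        uses: actions/cache@v3
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-buildx-
      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      # NOTE(review): the image is published only under the mutable `latest`
      # tag, and the two registries are fed by two separate builds. Adding a
      # tag derived from the commit SHA would let the deployed image be traced
      # to a commit, and a single build with both tags would guarantee that
      # both registries hold the same image.
      - name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ${{ github.repository }}:latest
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache
      - name: Push to GitHub Packages
        uses: docker/build-push-action@v2
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ghcr.io/${{ github.repository }}:latest
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache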

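  # Writes the new commit SHA and tag into the datacite/mastino Terraform
  # configuration and pushes that change; per the step comments below, the
  # push triggers the Terraform workflow.
  deploy:
    needs: [test, build]
    runs-on: ubuntu-latest
    # Least privilege: GITHUB_TOKEN is only used to read repositories here.
    # The push to datacite/mastino authenticates with PERSONAL_ACCESS_TOKEN.
    permissions:
      contents: read
    # NOTE(review): no step visible in this job reads SLACK_WEBHOOK_URL, yet as
    # job-level env it is exposed to every step, including the third-party
    # push action. Scope it to the step that needs it, or drop it if unused.
    env:
      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          # Empty on push events (there is no pull_request payload), so
          # checkout falls back to the commit that triggered the workflow.
          ref: ${{ github.event.pull_request.head.sha }}
      - name: Extract variables
        id: extract_variables
        shell: bash
        env:
          # Handed over as an environment variable so the value is never
          # expanded into the script text.
          AFTER_SHA: ${{ github.event.after }}
        run: |
          # Outputs are appended to $GITHUB_OUTPUT. The deprecated
          # `::set-output` command was parsed from stdout, so extra lines of a
          # commit message or tag list could be read as workflow commands.
          branch="$(echo "${GITHUB_REF#refs/heads/}" | sed 's/\//_/g')"
          # First tag only, matching the single line the old command captured.
          tag="$(git tag --points-at HEAD | head -n 1)"
          # Random delimiter so message text cannot close the multi-line value.
          delimiter="MESSAGE_$(dd if=/dev/urandom bs=15 count=1 status=none | base64 | tr -d '+/=')"
          {
            echo "BRANCH=$branch"
            echo "TAG=$tag"
            echo "GIT_SHA=$(git rev-parse HEAD)"
            echo "GIT_SHA_SHORT=$(git rev-parse --short HEAD)"
            echo "MESSAGE<<$delimiter"
            git log --format=%B -n 1 "$AFTER_SHA"
            echo "$delimiter"
          } >> "$GITHUB_OUTPUT"

      # This checkout replaces the workspace contents, so the variables above
      # must be extracted first.
      - name: Checkout terraform config repo
        uses: actions/checkout@v3
        with:
          # public repo with terraform configuration
          repository: 'datacite/mastino'
          persist-credentials: false
      - name: Commit changes to terraform config repository
        # use go template in terraform config repository to update git sha and tag
        # commit and push changes to trigger terraform workflow
        env:
          # Step outputs reach the script through the environment. Expanding
          # `${{ ... }}` inside `run:` pastes the text into the script before
          # the shell parses it, and tag names are contributor-controlled.
          GIT_SHA: ${{ steps.extract_variables.outputs.GIT_SHA_SHORT }}
          GIT_TAG: ${{ steps.extract_variables.outputs.TAG }}
          GIT_SHA_FULL: ${{ steps.extract_variables.outputs.GIT_SHA }}
        run: |
          VERSION_FILENAME=stage/services/levriero/_levriero.auto.tfvars

          # Escape the characters sed treats specially in a replacement, so a
          # tag containing "/" or "&" is substituted literally. The tag text
          # still lands verbatim in the rendered tfvars file.
          GIT_TAG_ESCAPED="$(printf '%s' "$GIT_TAG" | sed -e 's/[\/&]/\\&/g')"

          sed -e "s/{{ .Env.GIT_SHA }}/$GIT_SHA/g" -e "s/{{ .Env.GIT_TAG }}/$GIT_TAG_ESCAPED/g" "$VERSION_FILENAME.tmpl" > "$VERSION_FILENAME"

          git config --local user.email "action@github.com"
          git config --local user.name "GitHub Action"
          git add "$VERSION_FILENAME"
          git commit -m "Adding levriero git variables for commit $GIT_SHA_FULL"
      # NOTE(review): this third-party action receives a personal access token
      # and is referenced by a mutable tag. Pin it to a full commit SHA, and
      # limit the token to write access on datacite/mastino only.
      - name: Push changes
        uses: ad-m/github-push-action@v0.6.0
        with:
          github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
          repository: 'datacite/mastino'
          branch: 'refs/heads/master'
          tags: false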